Re: [PATCH] iwlwifi: actually check allocated conf_tlv pointer
From: Kalle Valo
Date: Mon Apr 06 2020 - 10:11:08 EST
Chris Rorvick <chris@xxxxxxxxxxx> wrote:
> Commit 71bc0334a637 ("iwlwifi: check allocated pointer when allocating
> conf_tlvs") attempted to fix a typoe introduced by commit 17b809c9b22e
> ("iwlwifi: dbg: move debug data to a struct") but does not implement the
> check correctly.
>
> This can happen in OOM situations and, when it does, we will potentially try to
> dereference a NULL pointer.
>
> Tweeted-by: @grsecurity
> Signed-off-by: Chris Rorvick <chris@xxxxxxxxxxx>
Fails to build, please rebase on top of wireless-drivers.
drivers/net/wireless/intel/iwlwifi/iwl-drv.c: In function 'iwl_req_fw_callback':
drivers/net/wireless/intel/iwlwifi/iwl-drv.c:1470:16: error: 'struct iwl_fw' has no member named 'dbg_conf_tlv'
if (!drv->fw.dbg_conf_tlv[i])
^
make[5]: *** [drivers/net/wireless/intel/iwlwifi/iwl-drv.o] Error 1
make[5]: *** Waiting for unfinished jobs....
make[4]: *** [drivers/net/wireless/intel/iwlwifi] Error 2
make[3]: *** [drivers/net/wireless/intel] Error 2
make[2]: *** [drivers/net/wireless] Error 2
make[1]: *** [drivers/net] Error 2
make[1]: *** Waiting for unfinished jobs....
make: *** [drivers] Error 2
Patch set to Changes Requested.
--
https://patchwork.kernel.org/patch/11470125/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches